<?php
class action extends mysql
{
	private $tablename;
	
	public function __construct()
	{
		parent::__construct();
		$this->tablename = PREFIX . 'admin';
	}
	
	//检验是否登录
	public function _islogin()
	{
		if(
            (isset($_SESSION['active']) && $_SESSION['active'] == 1) ||
            (isset($_COOKIE['userid']) && $_COOKIE['userid'] != ''))
		{
			return false;
		}
		else
		{
			return true;
		}
	}
	
   /**
	*函数: _login($postList)
	*功能: 登陆
	*参数: $postList 提交的变量列表数组
	*返回: 成功返回true,失败返回标识
	*/
	public function _login($input)
	{
		if(strtolower(trim($_SESSION['captcha_string'])) != strtolower(trim($input['captcha'])))
		{
			$this->_message('login.php', '验证码错误！');
		}
		$query = sprintf("select * from {$this->tablename} where `userid`='%s' and `password`=sha1('%s')", 
						 mysql_real_escape_string($input['userid']), mysql_real_escape_string($input['pwd']));
		$res = $this->_select($query);
		if(empty($res))
		{
			$this->_message('login.php', '用户名或密码错误！');
		}
		else
		{
			$_SESSION['userid'] = trim($res['userid']);
			$_SESSION['id']		= $res['id'];
			$_SESSION['active'] = 1;
			$_SESSION['lastip'] = $res['lastip'];			//上次登录的ip
			$_SESSION['lasttime'] = $res['lasttime'];		//上次登录shijian
			//更新时间和ip
			$query = sprintf("update `{$this->tablename}` set `lastip`='%s', `lasttime`=%d", $_SERVER['REMOTE_ADDR'], $_SERVER['REQUEST_TIME']);
			$this->_update($query);
			setcookie('userid', $input['userid'], time()+$input['keeptime']);
			$this->_message('index.php', '恭喜！登录成功！');
		}
	}

   /**
	*函数: _logout()在退出按钮里加target=“_top”
	*功能: 退出
	*参数:无
	*返回: 成功返回true,失败返回标识
	*/
	public function _logout()
	{
		$_SESSION = array();
		if(isset($_COOKIE[session_name()]))
		{
			setcookie(session_name(), '', time()-1);
		}
		setcookie('userid', '', time()-3600);
		session_destroy();				 //彻底销毁
	}
	
   /**
	*函数: _get_level($userid)
	*功能: 查询管理员信息
	*参数: 
	*返回: 成功返回true,失败返回标识
	*/
	public function _get_level($userid)
	{
		$query = sprintf("select * from `{$this->tablename}` left join `%s` on `{$this->tablename}`.`type`=`%s`.`typeid` 
						 where `userid`='%s'", PREFIX . 'utype', PREFIX . 'utype', $userid);
		if($res = $this->_select($query))
		{
			return $res;
		}
		else
		{
			return false;
		}
	}

  /**
	*函数: _get_sys_info($postList)
	*功能: 返回系统信息设置
	*参数: 无
	*返回: 数组
	*/
	public function _get_sys_info()
	{
		$arrOutput = '';
		@$GD = gd_info();
		$arrOutput['php_verison']      = '<font color="green">' .PHP_VERSION . '</font>';
		$arrOutput['gd_version']       = function_exists('imagecreate') ? '<font color="green">' . $GD['GD Version'] . '</font>' : '<font color="red">不支持GD库</font>';
		$arrOutput['safe']             = ini_get('safe_mode') ? '<font color="red">是</font>' : '<font color="green">否</font>';
		$arrOutput['Register_Globals'] = ini_get('register_globals') ? '<font color="red">打开</font>' : '<font color="green">关闭</font>';
		$arrOutput['Magic_Quotes_Gpc'] = get_magic_quotes_gpc() ? '<font color="red">打开</font>' : '<font color="green">关闭</font>';
		$arrOutput['post_max_size']    = ini_get('post_max_size');
		$arrOutput['allow_url_fopen']  = ini_get("allow_url_fopen") ? '<font color="green">支持</font>' : '<font color="red">不支持</font>';
		$arrOutput['app_name']         = APP_NAME;
		$arrOutput['app_version']      = APP_VERSION;
		$arrOutput['author']           = AUTHOR;
		$arrOutput['php_os']           = PHP_OS . '|' . $_SERVER['SERVER_SOFTWARE'];
		$arrOutput['max_execution_time'] = ini_get('max_execution_time').'秒';
		return $arrOutput;
	}
	
   /**
	*函数: _get_type($userid)
	*功能: 查询管理员等级
	*参数: 
	*返回: 成功返回true,失败返回标识
	*/
	public function _get_type($userid)
	{
		$sql = sprintf("select * from `{$this->tablename}` where `userid`='%s'", $userid);
		if($res = $this->_select($sql))
		{
			return $res;
		}
		else
		{
			return false;
		}
	}
//---------------------------------class end----------------------------------------
}
?>